Zyxel announced patches are available and should be applied immediately for the newly discovered vulnerability CVE-2023-27992. The flaw is a pre-authentication command injection issue that affects some of the network-attached storage (NAS) versions.
Source: Heimdal Security Blog